Fix keyring file missing after Vault restart #15946
Merged
Commits on Jun 11, 2022
-
Fix keyring file missing after Vault restart
Fix keyring file missing after Vault restart Vault can be killed by signal SIGTERM in anytime. If Vault is doing keyring rotation and the fd is still not closed at that time, the size of the keyring file will be zero. The orignal key will be lost totally. Because the file is opened with os.O_TRUNC, and the fd will be closed automatically after Vault exits. Then try to unseal Vault after it startup again, the keyring file will be deleted in getInternal function due to its size is zero. So that is why the keyring file is missing. And the Vault cannot be unsealed anymore due to the file missing. Write data into a temp file then move it can avoid the file crash. Fix:hashicorp#15680 -
-
Merge pull request #1 from shujun10086/shujun/fix_keyfile_missing
Create 15946.txt
Commits on Jun 15, 2022
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.